Fierce battle ahead for new web surveillance law
The UK government is preparing a major overhaul of legislation relating to internet surveillance.
The new legislation -- the Investigatory Powers Bill -- due to be unveiled tomorrow, is likely to require communications companies to retain data on customers' web surfing for up to a year, while there have been suggestions that the government will also look again at how to gain access to encrypted communications - a new and increasing difficult area for law enforcement. It may also provide more clarity around the powers of intelligence agencies to hack into computers.
But the new legislation will be published against a complicated background, with intelligence agencies calling for stronger powers to cope with changing internet technologies, while privacy campaigners argue that too much unnecessary surveillance is already taking place without enough proper oversight.
Certainly the UK's existing surveillance legislation needs reform, having been criticised for being complicated, fragmented and lacking in transparency. One independent report earlier this year said that the UK's main piece of surveillance legislation has been "obscure since its inception" and warned it has been "patched up so many times as to make it incomprehensible to all but a tiny band of initiates".
"This state of affairs is undemocratic, unnecessary and - in the long run - intolerable" said the report from the Independent Reviewer of Terrorism Legislation David Anderson, who said a new, comprehensive and comprehensible set of laws should be drafted from scratch - providing clear limits and safeguards. Similarly a review conducted by the Royal United Services Institute warned the current legal framework around the interception of communications is unclear, has not kept pace with developments in communications technology.
One technology creating a headache is encryption - once used by a knowledgeable minority of internet users and which is now becoming part of the mainstream, making it harder for police to crack communications.
In particular, the use of end-to-end encryption is worrying law enforcement agencies because even the company that runs the service cannot provide a decrypted version for police. This has led to warnings that that criminals will be able to plot in secret and that communications will 'go dark'.
However, the new legislation also comes after the revelations from NSA-contractor-turned-whistleblower Edward Snowden, who catalogued the ways in which the GCHQ and NSA intelligence agencies have conducted widespread surveillance of internet users, gathering vast amounts of data, and attempted to undermine the use of encryption.
However, the agencies insist that in reality they are only able to gather and analyse a very small amount data, and that gaining access to information about the web usage and communications of criminals is essential to fighting crime and stopping terrorist plots. They argue that access to bulk data is essential for spotting patterns of communications that might otherwise be missed, and has been key to stopping a number of plots, including one where terrorists were stopped en route to an attack.
An earlier attempt to update surveillance legislation in the last parliament was tagged a 'snoopers' charter' and never really recovered, finally being shelved. This latest attempt to update surveillance legislation is likely to have a rocky path and may face significant opposition on its route to becoming law.
More stories on security and surveillance
- The new art of war: How trolls, hackers and spies are rewriting the rules of conflict
- Inside the secret digital arms race: Facing the threat of a global cyberwar
- Surveillance laws need rethink, but bulk collection of web data will continue
- The undercover war on your internet secrets: How online surveillance cracked our trust in the web
- The impossible task of counting up the world's cyber armies
- Encryption: More and more companies use it, despite nasty tech headaches